(54) System for secure transactions

(57) A multimedia network (1) with connected customer stations (2), merchant servers (3), and a payment server (5). Secure electronic transactions are performed using a secure electronic transactions protocol (SET), including exchange of digital certificates, managed by a Trusted Third Party Server (9). The customer stations comprise transactions management means (10), fit for performing said SET protocol and for managing said certificates for the customer station. A remote customer agent (13) represents the customer station in the negotiation and payment process. The customer station (2) comprises an agent interface (12), fit for transmission of codes, parameters and certificates between the customer agent (13) and the transactions management means (10). A remote merchant agent (14) represents the merchant station (3) in the negotiation and payment process with the customer agent (13) or the customer station (3), to have paid for the selected products in a secure way, under control of SET protocol.

Description

BACKGROUND OF THE INVENTION 

[0001] The invention relates to a system for the execution of secure transactions in a multimedia network.
[0002] Multimedia networks like the Internet offer a wide variety of new possibilities, which will have a great impact on the business environment of the future. Various vendors will start to exploit the Internet as a marketplace. For a customer not to get lost within the vast amount of information that is provided, in the near future agent-based services shall be implemented. Agents are autonomous pieces of software, which may perform tasks for users on the Internet. Based on the user's preferences, they may assist the user in making a selection within the vast range of offered products. Complementary to this, the agent may assist in the actual purchase of such a product. As part of this process, the agent will have to be able to perform payments.
[0003] One of the biggest inhibitors on Electronic Commerce today is security. Consumers demand that their private information be kept private. When using agent technology within an E-Commerce service, adequate security precautions must be taken. At present however, agent security is still in its infancy. Therefore, delegating payments to agents is not possible at this moment in time.

SUMMARY OF THE INVENTION 

[0004] According to the present invention, an architecture is proposed in which agents may perform secure credit card payments. According to the invention, for the execution of such payments the SET (Secure Electronic Transactions) protocol is used, an upcoming standard for secure payments on the Internet by means of credit cards. All new entities and components that are necessary to provide agent-based SET payments will be defined and payment interaction (agent-agent, agent-user and other) will be elaborated upon.
[0005] Most entities of the standard infrastructure for performing SET-based payments by means of credit cards are straightforward analogies to real world credit card payments. A few, however, need further explanation. A brief description of these will be given first.
[0006] One of the main issues when providing secure payments is authentication of the involved entities. SET uses a robust set of digital certificates for this purpose. Each participant in a SET transaction requires a specific certificate or set of certificates that not only uniquely identifies this participant, but also attests to his or her privilege as holder of a payment card or as a holder of a Merchant account. Brand Associations (e.g. VISA/MasterCard) or Card Issuers commission so called Certificate Authorities (CAs) to carry out the work of managing SET digital certificates.
[0007] Complementary to this, SET introduces the notion of a Payment Gateway, which is needed to validate SET digital certificates and preprocess authorisation, capture and settlement work concerning the payment at hand. Another fundamental requirement for performing SET payments is a component called an Electronic Wallet (E-Wallet). These wallets embody the SET protocol on the customer side and provide a means to store and manage the certificates to digitally sign messages, along with the security aspects consumers demand to keep private data private.

[0008] According to the present invention the task of performing SET credit card transactions is delegated to agents. In developing an infrastructure that enables this, the following constraints have been defined:

- Obtaining certificates is not a task that users will want to delegate to their agents. Furthermore, it is not very probable that banks and CAs will approve of this situation. Therefore, we assume all certificates and the E-Wallet to be in place.

- The standard SET infrastructure shall be kept intact. Thereby the inherent security of SET payments shall remain present and the necessary alterations when implementing shall be limited.

[0009] Based on these constraints, an infrastructure has been designed which will be discussed below.

EMBODIMENT OF THE INVENTION

[0010] Figure 1 shows an architecture in which the invention - the use of the SET protocol by "secure agents" - can be implemented. Figure 1 shows a multimedia network - the internet - 1.

[0011] Connected to the internet 1 are customer PCs 2, and merchant servers 3, each via an internet service provider (ISP) 4. Also connected to the internet, via an ISP 4, is a payment (gateway) server 5. The payment server 5 is also - via an access server 6 - connected to a "Banker's Interchange Network" (BIN) 7, having banking servers 8 connected to it.
[0012] A main issue in secure payments is authentication of entities. The SET protocol, to be used in the system shown in figure 1, uses a set of digital certificates for this purpose. Each participant in a transaction requires a certificate that uniquely identifies the participant and also attests to his privilege as a holder of an account at the merchant server. Associations like VISA/MasterCard or other Card Issuers commission so called Certificate Authorities to carry out the work of managing SET digital certificates. In figure 1 a Trusted Third Party Server (TTPS) 9 of such Certificate Authority is connected to the internet 1 and can be approached by customers 2, merchants 3 and payment servers 5. Payment servers 5 are needed to validate the digital certificates and to preprocess authorisation, capture and settlement work concerning the payment.
[0013] Another fundamental requirement for performing SET payments is a system component called "Electronic Wallet" (EW) 10. An E-Wallet 10 embodies the SET protocol at the customer's side and provides means - within the customer's PC 2 - to store and manage the needed certificates, to digitally sign messages, along with the security aspects customers demand to keep private data private.

[0014] According to the invention agents are used to perform secure transactions. As said before, agents are autonomous pieces of software, which are enabled to perform tasks for users (customers or merchants). Based on preferences set by users 2 (customer) and 3 (merchant), the users' respective agents assist or represent the users in presenting and selecting of the merchants' products and, complementary to this, the users' respective agents assist or represent the users to purchase (collect) the selected products and to perform the secure payment for it.

[0015] Each customer 2 may be represented by a customer agent (CA), while each merchant 3 may be represented by a merchant agent (MA). The negotiation process (presentation, selection and collection of products and the payments for the collected products) is executed within an "agent platform", preferably embodied within an "Agent Negotiation Server" (ANS) 11. Communication between the customer's PC 3 and the customer's agent at the ANS's side is performed, at the customer's side via the E-Wallet 10 - meant for SET based transaction - which is extended with a special SET Agent Interface (SAI) 12.
[0016] The CA 13 communicates with the customer by means of the customer's "browser" (customer interface) and, via the SAI 12, with the customer's E-Wallet 10 in order to initialise payments. As was the case according to the state-of-the-art (using credit cards), the actual SET payment process is performed between the E-Wallet 10 and the Merchant server 3. Therefore, during actual payment interaction the level of trust is the same as in known, credit card based SET payments.
[0017] The CA 13 will have to be authorised to initialise the EW 10 for payments. In standard SET transactions the customer is prompted - via the customer's browser - to enter the E-Wallet password for this purpose. The CA 13 and the SAI 12 will have to be implemented such, that one of two scenarios may be performed: either the CA 13 has authorisation to release the cryptographic content of the E-Wallet 10 itself, or, after agent initialisation, the customer is prompted to provide an E-Wallet password. In the latter case, customer interaction is necessary. This is not desirable from a usability point of view, but might be preferred by customers (or merchants), since this will give them a sense of control over the payment.
[0018] Figure 2 shows a communication procedure for the system presented in figure 1.
[0019] For authentication and authorisation purposes, the CA 13 will carry a token, in which an authorisation code for opening up the E-Wallet is encapsulated. The level at which this token is secured within the agent depends on the location of the platform in which the CA 13 performs its tasks. If this platform resides on the customer PC, security requirements on both storing the token within the agent and communicating it to the E-Wallet are less strong than if the agent resides on a remote platform like the ANS 11 as suggested in figure 1. In the latter case, the token will need to be adequately secured, as will communication between the agent and the E-Wallet. The security requirements are as follows:

- The token is stored within the CA 13 in encrypted form, using a random key. A symmetric encryption scheme, such as DES, shall be applied here. The random key is generated at the PC 2 for each specific purchase. A new key shall be generated for each item that is to be bought by the agent.

- For communication purposes, both the customer 2 and the CA 13 need to own a specific certificate, other than the SET certificate. Payment start messages shall be communicated to the E-Wallet 10 in encrypted form, using a random session key. A symmetric encryption scheme, such as DES, shall be applied here. In turn, this random key shall be sent over in encrypted form, using the customer's public key related to the communication certificate. The message shall be signed with the agent's private key and a time stamp shall be added to the message in order to prevent replay by malicious parties.
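
The E-Wallet-side acceptance check for the signed, time-stamped payment start message described in the last requirement, as an added example that is not part of the patent text. It assumes the message has already been decrypted with the session key and is a JSON body with a `ts` field; the 120 s and 30 s windows, all names, and the use of HMAC-SHA256 as a stand-in for the agent's certificate-based signature are assumptions of this example.

```python
import hashlib
import hmac
import json
import time

MAX_AGE_S = 120  # assumed freshness window; the page gives no value
MAX_SKEW_S = 30  # assumed tolerance for a sender clock running ahead

class PaymentStartVerifier:
    """E-Wallet-side check of a signed, time-stamped payment start message."""
    def __init__(self, verify_sig, now=time.time):
        self._verify_sig = verify_sig  # callable(body, sig) -> bool
        self._now = now
        self._seen = {}  # sha256(body) -> time after which the entry is dropped

    def accept(self, body: bytes, sig: bytes) -> str:
        # Authenticate first so the time stamp read below is covered by the signature.
        if not self._verify_sig(body, sig):
            return "bad-signature"
        try:
            ts = float(json.loads(body)["ts"])
        except (ValueError, KeyError, TypeError):
            return "malformed"
        now = self._now()
        # Negated comparisons so that a NaN time stamp is rejected as well.
        if not ts >= now - MAX_AGE_S:
            return "stale"
        if not ts <= now + MAX_SKEW_S:
            return "future"
        # A time stamp only bounds the replay window, so remember accepted messages.
        self._seen = {d: t for d, t in self._seen.items() if t >= now}
        digest = hashlib.sha256(body).digest()
        if digest in self._seen:
            return "replay"
        self._seen[digest] = ts + MAX_AGE_S
        return "accepted"

# Constructed sample; HMAC stands in for the agent's private-key signature.
_DEMO_KEY = b"constructed-demo-key"

def demo_sign(body: bytes) -> bytes:
    return hmac.new(_DEMO_KEY, body, hashlib.sha256).digest()

def demo_verify(body: bytes, sig: bytes) -> bool:
    return hmac.compare_digest(demo_sign(body), sig)

def make_message(order_id: str, ts: float):
    body = json.dumps({"type": "payment-start", "order": order_id, "ts": ts}).encode()
    return body, demo_sign(body)

def run_demo():
    clock = [1_000_000.0]
    wallet = PaymentStartVerifier(demo_verify, now=lambda: clock[0])
    body, sig = make_message("order-1", clock[0])
    results = [wallet.accept(body, sig), wallet.accept(body, sig)]
    results.append(wallet.accept(body.replace(b"order-1", b"order-9"), sig))
    clock[0] += MAX_AGE_S + 1
    results.append(wallet.accept(body, sig))
    return results
```

`run_demo()` walks one message through first delivery, an immediate replay, a tampered copy and a late replay; the cache entry lives exactly as long as the message would still pass the freshness test.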

[0020] In figure 2 the following communication 
steps are performed: 

In step I, the CA 13 requests the Merchant Agent (MA) 14 to pay by credit card. The latter then informs the merchant server 3 of the requested payment, while parallel to that the CA 13 initialises the EW 10.

In step II, the standard SET procedure is performed by the EW 10, the Merchant server 3 and the Payment Gateway server 5.

Finally, in step III, after completion of the payment, the Merchant server 3 informs the MA 14 of this fact. The MA 14 passes this message on to the CA 13, which notifies the customer of payment completion.

[0021] The infrastructure and message flows are a natural extension of any agent-based infrastructure. Implementation may therefore be performed straightforwardly.

Claims

1. System for the execution of secure transactions in a multimedia network, comprising a multimedia network with customer stations (2), merchant servers (3), and a payment server (5) connected to it, secure electronic transactions being performed using a secure electronic transactions protocol, comprising the exchange of digital certificates, uniquely identifying the relevant transaction participants and also attesting their privileges at the merchant server, said certificates being managed by a Trusted Third Party Server (9) being connected too to said multimedia network, said payment servers 5 being enabled to validate the digital certificates presented and to process authorisation concerning the payment, said customer stations comprising transactions management means (10), fit for performing said secure electronic transactions protocol and for managing said certificates for the customer station, characterized in a remote customer agent (13), managed by agent parameters received or to be received from said customer station (2) and thus, under the control of said parameters, assisting or representing the customer station in a negotiation process, including selecting products to be presented by the merchant server (3), and payment for selected products in a secure way, under control of said secure electronic transactions protocol and said certificates, being managed by said transactions management means (10).

2. System according to claim 1,

characterized in that said customer station (2) comprises an agent interface 12, fit for transmission of codes, parameters and certificates between said customer agent (13) and said transactions management means (10).

3. System according to claim 1,

characterized in a remote merchant agent (14), managed by agent parameters received or to be received from said merchant station (3) and thus, under the control of said parameters, assisting or representing the merchant station in a negotiation process, including presenting products to the customer agent (13) or the customer station (3), and to have paid for products being selected by the customer agent (13) or the customer station (3), in a secure way, under control of said secure electronic transactions protocol and said certificates.

4. System according to claim 2,

characterized in that said negotiation and payment process by said customer agent (13) and said merchant agent (14) is performed within an agent negotiation server (11), connected to said multimedia network (1).

5. System according to claim 1,

characterized in that, within said secure electronic transaction protocol, for authentication and authorisation said customer agent (13) transmits a token is encapsulated, comprising an authorisation code for opening up said transactions management means (10).

6. System according to claim 5,

characterized in that said token is stored within the customer agent (13) in an encrypted form, using a random key, being generated at the customer station (2) for each new payment process.

7. System according to claim 5,

characterized in that both the customer station (2) and the customer agent (13) comprise a specific communication certificate, payment start messages being communicated to said transactions management means (10) in encrypted form, using a random session key which, in turn, is sent over in encrypted form, using the customer station's public key related to said communication certificate, said message being signed with the customer agent's private key related to said communication certificate and a time stamp being added to said message in order to prevent replay by malicious parties.

8. Method for the execution of secure transactions in a multimedia network, comprising a multimedia network with customer stations (2), merchant servers (3), and a payment server (5) connected to it, secure electronic transactions being performed using a secure electronic transactions protocol, comprising the exchange of digital certificates, uniquely identifying the relevant transaction participants and also attesting their privileges at the merchant server, said certificates being managed by a Trusted Third Party Server (9) being connected too to said multimedia network, said payment servers 5 being enabled to validate the digital certificates presented and to process authorisation concerning the payment, said customer stations comprising transactions management means (10), fit for performing said secure electronic transactions protocol and for managing said certificates for the customer station, moreover, comprising a remote customer agent (13), managed by agent parameters received or to be received from said customer station (2) and thus, under the control of said parameters, assisting or representing the customer station in a negotiation process, including selecting products to be presented by the merchant server (3), and payment for selected products in a secure way, under control of said secure electronic transactions protocol and said certificates, being managed by said transactions management means (10), while, moreover, said customer station (2) comprises an agent interface (12), fit for transmission of codes, parameters and certificates between said customer agent (13) and said transactions management means (10), and, besides, a remote merchant agent (14), managed by agent parameters received or to be received from said merchant station (3) and thus, under the control of said parameters, assisting or representing the merchant station in a negotiation process, including presenting products to the customer agent (13) or the customer station (3), and to have paid for products being selected by the customer agent (13) or the customer station (3), in a secure way, under control of said secure electronic transactions protocol and said certificates, characterized in the following communication steps:

in a first step, said customer agent (13) requests said merchant agent (14) to pay by credit card, and the merchant agent then informs said merchant server (3) of the requested payment, while parallel to that the customer agent (13) initialises said transactions management means (10);

in a second step, a standard secure electronic transaction procedure is performed by the transactions management means (10), the merchant server (3) and the payment gateway server (5);

in a third, final step, after completion of the payment process, the merchant server (3) informs the merchant agent (14) of that completion of the payment process, and the merchant agent (14) passes this message on to the customer agent (13), which notifies the customer station (2) of the payment completion.